Fedora 44 Exim Critical Information Disclosure CVE-2026-48840
fedora
June 9, 2026
This is an update fixing a pre-authentication information disclosure (CVE-2026-48840).
Summary
Exim is a message transfer agent (MTA) developed at the University of
Cambridge for use on Unix systems connected to the Internet. It is
freely available under the terms of the GNU General Public Licence. In
style it is similar to Smail 3, but its facilities are more
general. There is a great deal of flexibility in the way mail can be
routed, and there are extensive facilities for checking incoming
mail. Exim can be installed in place of sendmail, although the
configuration of exim is quite different to that of sendmail.
Update Information:
This is an update fixing a pre-authentication information disclosure (CVE-2026-48840).
Topics Covered
Change Log
* Mon Jun 1 2026 Jaroslav Škarvada
References
[ 1 ] Bug #2483300 - exim-4.99.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2483300
[ 2 ] Bug #2484718 - CVE-2026-48840 exim: Exim: Information disclosure via mishandled short payloads in proxy configurations [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2484718
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-78bf093219' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: exim
Product: Fedora 44
Version: 4.99.4
Release: 1.fc44
Summary: The exim mail transfer agent
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!